Nadav Golombick wrote:
What is the correct procedure if I come to a situation where the password length is too big for the given buffer.
If this is a design question, then the proper thing to do IMHO is akin to what's done for HMAC-MD5 or HMAC-SHA1 -- if the passphrase exceeds the buffer length, compute the SHA1 hash of the passphrase and use that as the passphrase. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
